EU Data Act: impact on digital solutions
The EU Data Act was published in the Official Journal of the EU on December 22, 2023 and will enter into force on September 12, 2025. It is a central component of the European data strategy, which aims to promote access to and use of data in the European Union. The aim is to create a data ecosystem that supports innovation, competitiveness and the creation of added value for businesses and citizens alike. In this article, we examine the key provisions of the EU Data Act and its potential impact on digital solutions.
What is the EU Data Act?
The EU Data Act was proposed by the European Commission in February 2022 and aims to facilitate access to data and improve the conditions for the use of data. The draft law has the potential to significantly change the way companies, public bodies and citizens handle data. The Data Act complements the General Data Protection Regulation (GDPR) and the ePrivacy Regulation by focusing on the use and sharing of data.
Key objectives of the EU Data Act:
Key provisions of the EU Data Act
The central provisions of the EU Data Act concern the following aspects:
Access rights
The Data Act stipulates that companies that generate or process data are obliged to provide this data access to other companies and public bodies. This could be particularly relevant for companies that use IoT devices or other data-producing technologies.
Data portability
Users should be able to easily transfer their data between different platforms and providers. This not only promotes competition, but also gives users more control over their data.
Interoperability
The Data Act promotes the development and introduction of open standards that enable different systems and applications to communicate efficiently with each other. This is particularly important for digital solutions that rely on the exchange of data.
Effects on digital solutions
The EU Data Act has far-reaching implications for digital solutions and their development. Here are some of the most important aspects:
Changes in data processing
Companies need to rethink their data processing procedures to ensure that they comply with the new requirements of the Data Act. This could require the adaptation of software and systems to capture, store and transfer data more efficiently.
New business models
The ability to port data between different providers opens up new business opportunities. Companies can develop innovative business models aimed at exchanging data and gaining access to new markets.
Strengthening competitiveness
Simplified access to data enables companies to react more quickly to market changes and make data-driven decisions. This increases competitiveness and promotes innovation throughout the industry.
Increased responsibility for companies
Companies must ensure that they comply with the new regulations, which will lead to increased compliance and risk management requirements. It will be crucial to implement appropriate data protection and data security measures.
Promotion of partnerships
The requirements of the Data Act could lead to companies increasingly entering into partnerships to exchange data and develop innovative solutions. This collaboration can facilitate access to valuable data sources and generate new insights.
Consequences and penalties
The goals must be relevant to your project and the overall strategy of your company. Think about how the goal contributes to achieving the long-term vision.
Warnings and fines
Companies that violate the provisions of the EU Data Act could initially be subject to warnings and fines. The amount of these fines could vary depending on the severity of the breach and the company’s turnover. In many cases, the amount of the fine will be set to have a disciplinary effect to prevent future breaches.
Restrictions or prohibition of data processing
In the event of serious or repeated violations, authorities could prohibit companies from processing certain data or impose restrictions. This could mean that a company is no longer allowed to collect, store or process data, either temporarily or permanently, which could have a significant impact on its business activities.
Legal steps
Affected users or companies could take legal action against a company that violates the provisions of the EU Data Act. This could lead to civil lawsuits and further financial consequences.
Regulatory audits
Companies that violate the provisions of the Data Act could be subject to additional regulatory audits. This could lead to more intensive monitoring and more frequent audits, which may result in additional resources and costs.
Concrete examples
The EU Data Act presents companies with new challenges and opportunities. The provisions of the Data Act are intended to improve access to data, promote interoperability and give users more control over their data. The following examples show how these new regulations can have a concrete impact on data marketplaces for company data as well as cloud services and their data portability.
Data marketplaces for company data
Example: A company that acts as a data marketplace enables companies to sell or share their collected data in order to generate additional revenue. The EU Data Act obliges such marketplaces to ensure that the data offered is provided under fair conditions and that access rights are clearly regulated.
Impact: The data marketplace must implement transparent guidelines for data access and use. The company must ensure that the providers have given their consent to the use of data and that the data is anonymized to ensure data protection. The marketplace may also need to provide interfaces that enable easy integration for buyers and sellers.
Cloud services and data portability
Example: A cloud provider offers companies storage and data processing services. Under the EU Data Act, providers are obliged to offer users a simple option for data portability so that they can easily transfer their data between different cloud services.
Impact: The cloud service must provide functions that enable users to export their data in standardized formats. This includes APIs and tools that enable seamless migration of data to other cloud providers or internal systems. Companies could also be required to provide their users with information about the use and storage of their data.
CRM systems
Example: A company uses a Customer Relationship Management (CRM) system to manage customer data and conduct marketing campaigns. The EU Data Act requires the company to ensure that customer data is accessible to customers so that they can easily export their information or switch to another provider.
Impact: The CRM system needs to offer data portability features so that customers can export their data without much effort. This may require a change to the user interface and the implementation of APIs to support data migration.
Web applications
Example: A web application for managing projects allows users to track their progress and share files. With the EU Data Act coming into force, the operators of the application must ensure that users have control over their data and can easily transfer it between different platforms.
Impact: The web application must provide a user interface for exporting project data and ensure that all data is available in an interoperable format. This may also require the development of interfaces to other applications for data integration.
IoT solutions
Example: A company produces smart home devices that collect data on energy consumption and send it to a central platform. The EU Data Act requires that the data generated by these IoT devices is accessible to users so that they can use this data or pass it on to third-party providers.
Impact: The IoT platform must provide mechanisms that allow users to easily retrieve their data and transfer it to other services or applications. This may include the development of APIs that enable seamless integration with other smart home systems or energy management tools.
The EU Data Act is a significant step towards an open and fair data market. This regulation will not only strengthen our competitiveness, but also promote innovation and collaboration across the industry. We are committed to proactively implementing the new requirements and helping our customers realize the full potential of their data.
Till Neitzke
Conclusion: EU Data Act
The EU Data Act represents a significant step towards an open and competitive data market in Europe. It promotes access to data, the interoperability of systems and the portability of data between different providers. For digital solutions, this means that companies need to rethink and adapt their data strategies to meet the new requirements.
However, with the right measures, companies can benefit from the opportunities offered by the Data Act and increase their innovative strength and competitiveness. The coming months will be crucial to observe how the Data Act is implemented in practice and what changes it brings to the digital landscape.
Successful together in the digital transformation –
Your introductory meeting with DMG
In our introductory meeting we will discuss
- what your current challenges are in digital projects
- how other companies have done it and how you can use this to your advantage.
- what needs to be done now and whether we are the right people for the job.